Learner Support

Phish Alert Button (PAB) for Microsoft 365 Guide

The Phish Alert Button (PAB) is a tool that allows you to report potentially malicious emails, such as phishing emails. When you use the PAB to report a potentially malicious email, you can help keep your organization safe from cyberattacks.

When Should I Use the PAB?

You should use the PAB to report any suspicious emails or potential phishing emails. When you use the PAB to report an email, the email will be automatically deleted from your inbox and forwarded to your IT security team.

You should not use the PAB to report spam or marketing emails. You can delete these types of emails or add the sender or sender's email domain to a block list.

Important:If you need help adding a sender to a block list, contact your supervisor or IT team.

How Do I Use the PAB?

The steps for reporting an email using the PAB may vary based on the app that you're using. When you report an email using the PAB, the reported email will be automatically forwarded to your IT team regardless of the app that you're using.

Click the links below to learn how to use the PAB for the apps that you're using:

If you report an email in error, you can retrieve the email from your Trash or Deleted Items folders.

Note:The PAB is only compatible on mobile devices with public instances of Microsoft. Due to the permissions required, the PAB cannot be used on mobile devices with Microsoft 365 GCC High.

Using the PAB in Microsoft 365

If you use Microsoft 365, follow the steps below to report an email with the PAB:

  1. Open the email that you would like to report.
  2. Click the Apps icon in the top-right corner of the email to open the Apps launcher. Or, click the ellipsis icon (...) and select Apps. Office 365 PAB
  3. From the Apps launcher that opens, click the Phish Alert add-in.

    Note:If the PAB add-in is not displayed in the Apps launcher, click Add apps. Then, locate and add the PAB add-in.You can also pin the PAB add-in to the toolbar at the top of an open email. To pin the add-in, click the ellipsis icon and select Customize actions. Or, navigate to Settings > Mail > Customize actions. Then, select the Phish Alert add-in and click Save. For more information about managing add-ins in Microsoft Office, visit Microsoft's Get an Office Add-in for Outlook article.
  4. In the prompt that opens, click Phish Alert again to report the email.

    Note:If your admin has enabled the Comments and Dispositions setting for the PAB, you can select a disposition from the Email Classification section. The Unknown option is selected by default. You can also enter a comment about the email you are reporting. Then, click Phish Alert.
  5. After you click Phish Alert again, a message will display to confirm that you reported the email. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team. To close this message, click Ok.

Using the PAB in the Microsoft Outlook Mobile App for Android

If you use the Microsoft Outlook app for Android, follow the steps below to report an email:

  1. Open the email that you would like to report.
  2. Click the vertical ellipsis icon (...) at the upper right corner of the email. Check the rest of the screen if you do not see the button in this location.
  3. Click the Phish Alert icon.
  4. In the pop-up window that opens, click Phish Alert to report the email.

    Note:If your admin has enabled the Comments and Dispositions setting for the PAB, you can select a disposition from the Email Classification section. The Unknown option is selected by default. You can also enter a comment about the email you are reporting. Then, click Phish Alert.
  5. After you click Phish Alert again, a message will display to confirm that you reported the email. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team. To close this message, click Ok.

Using the PAB in the Microsoft Outlook Mobile App for Apple iOS

If you use the Microsoft Outlook app for Apple iOS, follow the steps below to report an email:

  1. Open the email that you would like to report.
  2. Click the ellipsis icon () at the upper right corner of the email.
  3. Click the Phish Alert icon.
  4. In the pop-up window that opens, click Phish Alert again to report the email.

    Note:If your admin has enabled the Comments and Dispositions setting for the PAB, you can select a disposition from the Email Classification section. The Unknown option is selected by default. You can also enter a comment about the email you are reporting. Then, click Phish Alert.
  5. After you click Phish Alert again, a message will display to confirm that you reported the email. This message will tell you if the email you reported was a simulated phishing attack or if the email will need to be reviewed by your IT team. To close this message, click Ok.

Why Should I Use the PAB?

When you use the PAB to report suspicious emails, you can help keep your organization safe from security threats. The reported emails are sent to your organization for analysis, which will help keep your IT team informed about potential phishing emails that their employees receive. Once your IT team is aware of potential threats, they can help your organization stay safe from future attacks.

Can't find what you're looking for?

Contact Support